The Tech - Online Edition
MIT's oldest and largest newspaper & the first newspaper published on the web

Proximity MIT Card Raises, Allays Security Concerns

By Ray C. He

STAFF REPORTER

MIT has begun to switch faculty and students from magnetic swipe identification cards to “proximity” cards readable from a distance, but has yet to address the security concerns with both the new system and the old system as a whole.

Like the replacement of the student services card with the original, multipurpose, magnetic-stripe MIT Card in the spring of 1994, the shift to a new technology raises concerns over security and privacy.

The possibility of covertly reading and copying the cards, even as they rest in other students’ pockets, remains a concern. Nobody has demonstrated this, but nobody is prepared to say it is impossible or even particularly difficult for MIT’s electrical engineering majors.

The card has the potential to offer some new security benefits, however. A large part of the security of the card depends on the programming done by the MIT Card Office.

Privacy of cards not certain

“Since [proximity cards] can be read at a distance, someone could set up a bogus ID reader in Lobby 7 to scan ID’s as people pass,” said Chris T. Lesniewski-Laas G, who proposed a replacement for the MIT Card in 1999.

The typical range of the card readers is from 5 to 25 inches, said Cherie O’Donnell, a sales representative for Indala Corp. of California, which created the proximity card.

The range of readers is being extended. “We have coming up technologies that will allow us to detect vehicle tags. That’s usually several feet,” she said.

Security depends on Card Office

Security depends not only on Indala’s technology, but also on the MIT Card Office, which programs the readers.

“Any proximity reader and proximity card, we program them in our office, so we determine the encryption in our office,” said John M. McDonald, the assistant director of enterprise services. “We’re still using Indala’s equipment, but Indala themselves, even our vendors, do not have the keys.”

Depending on MIT’s use of these encryption and password features, the availability of proximity card reader and writer equipment, and motivation, the cards could still be duplicated by people outside the Card Office, Lesniewski-Laas said.

“I would expect that within a year or so, someone will have figured it out,” he said.

Some issues of swipe cards solved

Some of the concerns raised about the 1994 incarnation of the MIT Card still exist for the proximity cards.

“The RFIDs inherit all the concerns of the magstripe IDs,” Lesniewski-Laas said, using the abbreviation for Radio Frequency Identification.

These flaws included relatively easy duplication, the possibility of card-reader lines being tapped, predictable modifications to deactivated cards after they were reported stolen, and the use of the cards as collateral, according to the “Security Assessment of the MIT Card” by André M. DeHon ’90. The document is available at:

http://www.ai.mit.edu/people/andre/mit_card/

Some of the problems DeHon identified were then addressed by the Card Office. The bits incremented for a reissued card were randomized, McDonald said, making a stolen ID card useless once its owner received a new card.

Proximity cards have benefits

“The RFIDs should be better than magstripes because it’ll be more difficult to copy it,” Lesniewski-Laas said. “It’ll require more expensive equipment.”

While the proximity component of the cards may be harder to copy, the magnetic stripes -- which remain on the MIT Cards -- have not changed.

A notable improvement in security is the ability to access doors without taking the card out of a wallet.

“There’s an obvious security benefit, if you don’t have to open your wallet to open a door,” Lesniewski-Laas said. “There’s less incentive for people to hang around doors, like muggers for example.”

Indala uses a technology dubbed FlexSecur, which keeps data on the proximity card encrypted. “The entire data field is scrambled prior to programming the card,” according to a technology information page on Indala’s Web site.

This doesn’t necessarily make it harder to copy the information on the card, but it does mean, the Web site says, that “the data on the card cannot be decoded to determine the actual information on the card.”

Indala would not divulge specific technical information relating to the security of its cards and card readers beyond what can be found on its Web site.

“That information is proprietary information,” O’Donnell said.